Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/gDEvOg6OcYYWFD0bqTTnsX8UN8g.roa
File: gDEvOg6OcYYWFD0bqTTnsX8UN8g.roa (raw, json)
Hash identifier: 3kha1myd2ZeAwF5PZ/6/eeOkNP7jQs4Zq3IwPTRi+Hg=
Subject key identifier: 80:31:2F:3A:0E:8E:71:86:16:14:3D:1B:A9:34:E7:B1:7F:14:37:C8
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 018CC80122F66510559A4E6633C6D0A3B3C3
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/gDEvOg6OcYYWFD0bqTTnsX8UN8g.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207144
IP address blocks: 85.11.172.0/24 maxlen: 24
185.164.240.0/24 maxlen: 24
85.11.176.0/24 maxlen: 24
85.11.178.0/24 maxlen: 24
185.164.241.0/24 maxlen: 24
85.11.173.0/24 maxlen: 24
185.164.243.0/24 maxlen: 24
85.11.175.0/24 maxlen: 24
185.164.242.0/24 maxlen: 24
85.11.184.0/24 maxlen: 24
85.11.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:22:f6:65:10:55:9a:4e:66:33:c6:d0:a3:b3:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80312f3a0e8e718616143d1ba934e7b17f1437c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:06:c9:a8:46:1b:87:ae:34:9a:48:80:b7:68:
cd:b5:92:27:64:02:8d:f1:13:29:a2:b1:f1:f0:f5:
83:a3:14:b9:ba:2d:2d:4f:84:5f:33:36:c4:72:4f:
a3:9b:e3:a2:3b:da:39:87:09:91:e1:5a:41:fa:fe:
c4:89:2e:8b:a6:cf:00:7c:bd:8a:da:a6:3f:eb:2a:
03:b1:24:0e:99:3c:31:42:7e:89:4b:b6:52:b2:c5:
79:08:fb:04:fa:7e:2c:bc:46:20:01:f5:91:dc:c1:
3f:55:6f:0c:57:13:53:a7:81:c3:48:97:35:d6:2d:
c8:24:3f:af:b8:fc:48:b6:5a:54:4a:24:e6:ee:97:
57:c3:3f:af:a2:02:e3:cb:33:7f:41:6f:cd:be:51:
84:51:6c:c3:ee:7c:44:c4:ce:47:51:2c:eb:d6:4e:
71:36:c0:5b:5e:bc:28:77:2a:9d:57:8b:92:74:63:
d9:e5:0e:2b:31:d5:ac:9e:45:98:21:96:8d:a7:8b:
b5:3f:d8:eb:33:b8:d7:06:7e:f7:88:3c:dd:58:b7:
28:af:64:5f:76:1b:6c:9c:41:06:dd:0b:f4:a4:de:
14:6f:d5:cd:48:34:ba:15:72:34:20:61:d4:3b:e6:
fc:9e:1f:b8:58:0f:eb:44:2e:c8:bf:68:c0:03:96:
f4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:31:2F:3A:0E:8E:71:86:16:14:3D:1B:A9:34:E7:B1:7F:14:37:C8
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/gDEvOg6OcYYWFD0bqTTnsX8UN8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.172.0/23
85.11.175.0-85.11.176.255
85.11.178.0/24
85.11.184.0/24
85.11.188.0/24
185.164.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:74:b6:c1:9c:05:b9:f4:f7:55:5e:f7:08:12:07:21:a1:a1:
d5:e5:a8:19:46:6a:02:ec:2f:25:f0:d5:75:d9:44:a3:db:f9:
37:23:82:15:7b:35:72:e2:20:56:b1:7f:03:55:1a:e7:00:eb:
1a:1b:d4:5c:3a:2f:d7:95:29:35:bb:b1:8f:3a:77:e8:a1:5a:
ae:22:16:61:c0:15:e4:a1:e0:f6:21:78:73:87:2a:a1:6d:e3:
fc:9e:22:75:64:34:bf:9d:22:b6:d3:28:37:a4:4b:97:a3:cd:
04:32:74:d3:9a:58:5f:43:b0:42:0e:66:99:27:b5:db:b7:46:
51:00:af:62:ac:c1:6f:8a:0f:07:da:94:9f:ab:6c:09:36:4a:
ac:45:20:bd:da:aa:26:43:78:95:c6:87:a5:4e:3e:8a:aa:ca:
05:64:84:2a:73:3a:08:ff:bc:c1:9b:26:0e:2c:b6:4a:33:08:
58:74:25:f0:8e:25:78:c9:d4:bf:e1:c3:c3:3a:c7:40:73:32:
20:6a:03:31:e9:74:fe:1a:1f:b3:1b:3b:14:dc:45:e3:57:c3:
1f:da:08:f9:ae:f1:ac:e2:fa:2e:82:94:f5:b4:ce:cb:38:26:
9d:ec:d8:03:a1:3c:cd:40:19:67:cc:79:78:49:2c:41:3d:58:
5a:7b:03:82
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzIASL2ZRBVmk5mM8bQo7PDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDMxMmYzYTBlOGU3MTg2MTYxNDNkMWJhOTM0ZTdiMTdmMTQzN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAbJqEYbh640mkiAt2jNtZInZAKN
8RMporHx8PWDoxS5ui0tT4RfMzbEck+jm+OiO9o5hwmR4VpB+v7EiS6Lps8AfL2K
2qY/6yoDsSQOmTwxQn6JS7ZSssV5CPsE+n4svEYgAfWR3ME/VW8MVxNTp4HDSJc1
1i3IJD+vuPxItlpUSiTm7pdXwz+vogLjyzN/QW/NvlGEUWzD7nxExM5HUSzr1k5x
NsBbXrwodyqdV4uSdGPZ5Q4rMdWsnkWYIZaNp4u1P9jrM7jXBn73iDzdWLcor2Rf
dhtsnEEG3Qv0pN4Ub9XNSDS6FXI0IGHUO+b8nh+4WA/rRC7Iv2jAA5b0jwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIAxLzoOjnGGFhQ9G6k057F/FDfIMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvZ0RFdk9nNk9jWVlXRkQwYnFUVG5zWDhVTjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBVQusMAwD
BABVC68DBABVC7ADBABVC7IDBABVC7gDBABVC7wDBAK5pPAwDQYJKoZIhvcNAQEL
BQADggEBABt0tsGcBbn091Ve9wgSByGhodXlqBlGagLsLyXw1XXZRKPb+TcjghV7
NXLiIFaxfwNVGucA6xob1Fw6L9eVKTW7sY86d+ihWq4iFmHAFeSh4PYheHOHKqFt
4/yeInVkNL+dIrbTKDekS5ejzQQydNOaWF9DsEIOZpkntdu3RlEAr2KswW+KDwfa
lJ+rbAk2SqxFIL3aqiZDeJXGh6VOPoqqygVkhCpzOgj/vMGbJg4stkozCFh0JfCO
JXjJ1L/hw8M6x0BzMiBqAzHpdP4aH7MbOxTcReNXwx/aCPmu8azi+i6ClPW0zss4
Jp3s2AOhPM1AGWfMeXhJLEE9WFp7A4I=
-----END CERTIFICATE-----
Generated at Wed May 29 11:27:30 2024 by rpki-client on console-ams.rpki-client.org